package top.lakakala.util.security;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

/**
 * Created by k3312 on 2017/6/16.
 */
public class MyUrlAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
    public static final String SPRING_SECURITY_LOGIN_METHOD = "SPRING_SECURITY_LOGIN_METHOD";
    private static final Logger log = LoggerFactory.getLogger(MyUrlAuthenticationSuccessHandler.class);
    private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();

    private String studetnTargetUrl;
    private String teacherTargetUrl;
    private String adminTargetUrl;

    public MyUrlAuthenticationSuccessHandler(String studetnTargetUrl, String teacherTargetUrl, String adminTargetUrl) {
        this.studetnTargetUrl = studetnTargetUrl;
        this.teacherTargetUrl = teacherTargetUrl;
        this.adminTargetUrl = adminTargetUrl;
    }

    @Override
    public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
        HttpSession session = httpServletRequest.getSession(false);
        String targetUrl = null;
        String method = null;
        if (session != null) {
            method = (String) session.getAttribute(this.SPRING_SECURITY_LOGIN_METHOD);
        }
        switch (method) {
            case DisUsernamePasswordAuthenticationFilter.SPRING_SECURITY_METHOD_STUDENT:
                targetUrl = studetnTargetUrl;
                break;
            case DisUsernamePasswordAuthenticationFilter.SPRING_SECURITY_METHOD_ADMIN:
                targetUrl = adminTargetUrl;
                break;
            case DisUsernamePasswordAuthenticationFilter.SPRING_SECURITY_METHOD_TEACHER:
                targetUrl = teacherTargetUrl;
                break;
        }
        handle(httpServletRequest, httpServletResponse, authentication, targetUrl);
        clearAuthenticationAttributes(httpServletRequest);
    }

    protected void handle(HttpServletRequest request, HttpServletResponse response, Authentication authentication, String targetUrl) throws IOException, ServletException {
        if (response.isCommitted()) {
            log.debug("Response has already been committed. Unable to redirect to {}", targetUrl);
        } else {
            this.redirectStrategy.sendRedirect(request, response, targetUrl);
        }
    }

    protected final void clearAuthenticationAttributes(HttpServletRequest request) {
        HttpSession session = request.getSession(false);
        if (session != null) {
            session.removeAttribute("SPRING_SECURITY_LAST_EXCEPTION");
            session.removeAttribute(this.SPRING_SECURITY_LOGIN_METHOD);
        }
    }
}
